﻿using System;
using System.Collections.Generic;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class Login : System.Web.UI.Page
{
    String strCon = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString;
    String strCom;
    SqlConnection objCon;
    SqlCommand objCom;
    DataTable dt = new DataTable();
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        if (txtUserName.Text == "" || txtUserPassword.Text == "")
            lblStatus.Text = "กรอกข้อมูล";
        else
            QueryLogin(txtUserName.Text, txtUserPassword.Text);
    }
    protected void QueryLogin(string Username, string Password)
    {
        objCon = new SqlConnection(strCon);
        objCon.Open();
        strCom = "Select UserID From Users Where Username='" + Username + "' And Password='" + Password + "'";
        objCom = new SqlCommand(strCom, objCon);

        int intReturn = Convert.ToInt32(objCom.ExecuteScalar());

        if (intReturn > 0)
        {
            Session["strUserID"] = intReturn;
            Session["strUser"] = txtUserName.Text;
            Response.Redirect("Home.aspx");
        }
        else
            lblStatus.Text = "ข้อมูลผิดพลาด";

        objCon.Close();
        objCon = null;
    }
}